[DSE-Dev] Bug#950196: semanage.conf.5: Fix some typographical and other mistakes in the manual

Bjarni Ingi Gislason bjarniig at rhi.hi.is
Thu Jan 30 00:26:45 GMT 2020 

Package: libsemanage-common
Version: 3.0-1
Severity: minor
Tags: patch

Input file is semanage.conf.5

execute mandoc -T lint semanage.conf.5
mandoc: semanage.conf.5:20:17: STYLE: whitespace at end of input line
mandoc: semanage.conf.5:48:19: STYLE: whitespace at end of input line
mandoc: semanage.conf.5:81:82: STYLE: whitespace at end of input line
mandoc: semanage.conf.5:82:65: STYLE: whitespace at end of input line
mandoc: semanage.conf.5:85:14: STYLE: whitespace at end of input line
mandoc: semanage.conf.5:5:2: WARNING: skipping paragraph macro: PP after SH
mandoc: semanage.conf.5:133:1: WARNING: skipping paragraph macro: sp after PP
mandoc: semanage.conf.5:132:2: WARNING: skipping paragraph macro: PP empty

#######

  Remove excessive indentation (one .RS macro).

an-end-check:<semanage.conf.5>: Warning: Different number of .RS and .RE calls, an-RS-open=1 at end of file

######

Change empty lines to '.' lines to avoid an extra empty line in the output.
('.' lines to make a paragraph in the source file.) 


#######

Test nr. 1:

Remove space characters at the end of lines.

Use "git apply ... --whitespace=fix" to fix extra space issues, or use
global configuration "core.whitespace".

20:.B module-store 
48:.B policy-version 
81:List, separated by ";",  of directories to ignore when setting up users homedirs. 
82:Some distributions use this to stop labeling /root as a homedir. 
85:.B usepasswd 

#####

Test nr. 2:

Enable and fix warnings from 'test-groff'.


Output is from: test-groff -b -e -mandoc -T utf8 -rF0 -t -w w -z

  [ "test-groff" is a developmental version of "groff" ]

Input file is ./semanage.conf.5

<semanage.conf.5>:7 (macro BR): only 1 argument, but more are expected
<semanage.conf.5>:50 (macro BR): only 1 argument, but more are expected
<semanage.conf.5>:61 (macro BR): only 1 argument, but more are expected
<semanage.conf.5>:92 (macro BR): only 1 argument, but more are expected
<semanage.conf.5>:115 (macro BR): only 1 argument, but more are expected
<semanage.conf.5>:117 (macro BR): only 1 argument, but more are expected

####

Test nr. 5:

Change '-' (\-) to '\(en' (en-dash) for a numeric range.

semanage.conf.5:103:It should be in the range 0-9. A value of 0 means no compression. By default the bzip block size is set to 9 (actual block

#####

Test nr. 12:

Reduce space between words.

81:List, separated by ";",  of directories to ignore when setting up users homedirs. 

#####

Test nr. 36:

Wrong distance between sentences or protect the indicator.

a) Separate the sentences and subordinate clauses; each begins on a new
line.  See man-pages(7) and "info groff".

  The amount of space between sentences in the output can then be
controlled with the ".ss" request.

(16 lines)

#####

Test nr. 37:

Split lines longer than 80 characters into two or more lines.
Appropriate break points are the end of a sentence and a subordinate
clause; after punctuation marks.

#####

Test nr. 48:

The name of a man page is set in bold and the section in roman (see
man-pages(7).

131:semanage(8)

#####

Patch:

--- semanage.conf.5	2019-12-12 10:47:10.000000000 +0000
+++ semanage.conf.5.new	2020-01-29 23:45:28.000000000 +0000
@@ -2,136 +2,191 @@
 .SH NAME
 semanage.conf \- global configuration file for the SELinux Management library
 .SH DESCRIPTION
-.PP
 The
-.BR semanage.conf
-file is usually located under the directory /etc/selinux and it is used for run-time configuration of the
-behavior of the SELinux Management library.
-
+.B semanage.conf
+file is usually located under the directory /etc/selinux and
+it is used for run-time configuration of the behavior of the SELinux
+Management library.
+.
 .PP
-Each line should contain a configuration parameter followed by the equal sign ("=") and then followed by the configuration value for that
-parameter. Anything after the "#" symbol is ignored similarly to empty lines.
-
+Each line should contain a configuration parameter followed by the
+equal sign ("=") and
+then followed by the configuration value for that parameter.
+Anything after the "#" symbol is ignored similarly to empty lines.
+.
 .PP
 The following parameters are allowed:
-
-.RS
+.
 .TP
-.B module-store 
-Specify how the SELinux Management library should interact with the SELinux policy store. When set to "direct", the SELinux
-Management library writes to the SELinux policy module store directly (this is the default setting).
-Otherwise a socket path or a server name can be used for the argument.
-If the argument begins with "/" (as in "/foo/bar"), it represents the path to a named socket that should be used to connect the policy management
-server.
-If the argument does not begin with a "/" (as in "foo.com:4242"), it should be interpreted as the name of a remote policy management server
-to be used through a TCP connection (default port is 4242 unless a different one is specified after the server name using the colon to separate
-the two fields).
-
+.B module-store
+Specify how the SELinux Management library should interact with the
+SELinux policy store.
+When set to "direct",
+the SELinux Management library writes to the SELinux policy module
+store directly
+(this is the default setting).
+Otherwise a socket path or
+a server name can be used for the argument.
+If the argument begins with "/"
+(as in "/foo/bar"),
+it represents the path to a named socket
+that should be used to connect the policy management server.
+If the argument does not begin with a "/"
+(as in "foo.com:4242"),
+it should be interpreted as the name of a remote policy management
+server to be used through a TCP connection
+(default port is 4242 unless
+a different one is specified after the server name
+using the colon to separate the two fields).
+.
 .TP
 .B root
-Specify an alternative root path to use for the store. The default is "/"
-
+Specify an alternative root path to use for the store.
+The default is "/"
+.
 .TP
 .B store-root
-Specify an alternative store_root path to use. The default is "/var/lib/selinux"
-
+Specify an alternative store_root path to use.
+The default is "/var/lib/selinux"
+.
 .TP
 .B compiler-directory
-Specify an alternative directory that contains HLL to CIL compilers. The default value is "/usr/libexec/selinux/hll".
-
+Specify an alternative directory that contains HLL to CIL compilers.
+The default value is "/usr/libexec/selinux/hll".
+.
 .TP
 .B ignore-module-cache
-Whether or not to ignore the cache of CIL modules compiled from HLL. It can be set to either "true" or "false" and is set to "false" by default.
-If the cache is ignored, then all CIL modules are recompiled from their HLL modules.
-
+Whether or not to ignore the cache of CIL modules compiled from HLL.
+It can be set to either "true" or "false" and
+is set to "false" by default.
+If the cache is ignored,
+then all CIL modules are recompiled from their HLL modules.
+.
 .TP
-.B policy-version 
-When generating the policy, by default
-.BR semanage
-will set the policy version to POLICYDB_VERSION_MAX, as defined in <sepol/policydb/policydb.h>. Change this setting if a different
-version needs to be set for the policy.
-
+.B policy-version
+When generating the policy,
+by default
+.B semanage
+will set the policy version to POLICYDB_VERSION_MAX,
+as defined in <sepol/policydb/policydb.h>.
+Change this setting if
+a different version needs to be set for the policy.
+.
 .TP
 .B target-platform
-The target platform to generate policies for. Valid values are "selinux" and "xen", and is set to "selinux" by default.
-
+The target platform to generate policies for.
+Valid values are "selinux" and "xen",
+and is set to "selinux" by default.
+.
 .TP
 .B expand-check
 Whether or not to check "neverallow" rules when executing all
-.BR semanage
-command. It can be set to either "0" (disabled) or "1" (enabled) and by default it is enabled. There might be a large
-penalty in execution time if this option is enabled.
-
+.B semanage
+command.
+It can be set to either "0" (disabled) or
+"1" (enabled) and by default it is enabled.
+There might be a large penalty in execution time
+if this option is enabled.
+.
 .TP
 .B file-mode
-By default the permission mode for the run-time policy files is set to 0644.
-
+By default the permission mode for the run-time policy files is set to
+0644.
+.
 .TP
 .B save-previous
-It controls whether the previous module directory is saved after a successful commit to the policy store and it can be set to
-either "true" or "false". By default it is set to "false" (the previous version is deleted).
-
+It controls whether the previous module directory is saved after a
+successful commit to the policy store and
+it can be set to either "true" or "false".
+By default it is set to "false"
+(the previous version is deleted).
+.
 .TP
 .B save-linked
-It controls whether the previously linked module is saved (with name "base.linked") after a successful commit to the policy store.
-It can be set to either "true" or "false" and by default it is set to "false" (the previous module is deleted).
-
+It controls whether the previously linked module is saved
+(with name "base.linked")
+after a successful commit to the policy store.
+It can be set to either "true" or "false" and
+by default it is set to "false"
+(the previous module is deleted).
+.
 .TP
 .B ignoredirs
-List, separated by ";",  of directories to ignore when setting up users homedirs. 
-Some distributions use this to stop labeling /root as a homedir. 
-
+List, separated by ";",
+of directories to ignore when setting up users homedirs.
+Some distributions use this to stop labeling /root as a homedir.
+.
 .TP
-.B usepasswd 
-Whether or not to enable the use getpwent() to obtain a list of home directories to label. It can be set to either "true" or "false".
+.B usepasswd
+Whether or not to enable the use of getpwent()
+to obtain a list of home directories to label.
+It can be set to either "true" or "false".
 By default it is set to "true".
-
+.
 .TP
 .B disable-genhomedircon
-It controls whether or not the genhomedircon function is executed when using the
-.BR semanage
-command and it can be set to either "false" or "true". By default the genhomedircon functionality is enabled (equivalent
-to this option set to "false").
-
+It controls whether or not the genhomedircon function is executed when
+using the
+.B semanage
+command and
+it can be set to either "false" or "true".
+By default the genhomedircon functionality is enabled
+(equivalent to this option set to "false").
+.
 .TP
 .B handle-unknown
-This option controls the kernel behavior for handling permissions defined in the kernel but missing from the actual policy.
+This option controls the kernel behavior for handling permissions
+defined in the kernel but
+missing from the actual policy.
 It can be set to "deny", "reject" or "allow".
-
+.
 .TP
 .B bzip-blocksize
-It should be in the range 0-9. A value of 0 means no compression. By default the bzip block size is set to 9 (actual block
-size value is obtained after multiplication by 100000).
-
+It should be in the range 0\(en9.
+A value of 0 means no compression.
+By default the bzip block size is set to 9
+(actual block size value is obtained after multiplication by 100000).
+.
 .TP
 .B bzip-small
-When set to "true", the bzip algorithm shall try to reduce its system memory usage. It can be set to either "true" or "false" and
+When set to "true",
+the bzip algorithm shall try to reduce its system memory usage.
+It can be set to either "true" or "false" and
 by default it is set to "false".
-
+.
 .TP
 .B remove-hll
-When set to "true", HLL files will be removed after compilation into CIL. In order to delete HLL files already compiled into CIL,
+When set to "true",
+HLL files will be removed after compilation into CIL.
+In order to delete HLL files already compiled into CIL,
 modules will need to be recompiled with the
-.BR ignore-module-cache
+.B ignore-module-cache
 option set to 'true' or using the
-.BR ignore-module-cache
-option with semodule. The remove-hll option can be set to either "true" or "false"
-and by default it is set to "false".
-
-Please note that since this option deletes all HLL files, an updated HLL compiler will not be able to recompile the original HLL file into CIL.
-In order to compile the original HLL file into CIL, the same HLL file will need to be reinstalled.
-
+.B ignore-module-cache
+option with semodule.
+The remove-hll option can be set to either "true" or "false" and
+by default it is set to "false".
+.sp 1
+Please note that since this option deletes all HLL files,
+an updated HLL compiler will not be able to recompile the original HLL
+file into CIL.
+In order to compile the original HLL file into CIL,
+the same HLL file will need to be reinstalled.
+.
 .TP
 .B optimize-policy
-When set to "true", the kernel policy will be optimized upon rebuilds.
-It can be set to either "true" or "false" and by default it is set to "false".
-
+When set to "true",
+the kernel policy will be optimized upon rebuilds.
+It can be set to either "true" or "false" and
+by default it is set to "false".
+.
 .SH "SEE ALSO"
 .TP
-semanage(8)
-.PP
-
+.BR semanagep (8)
+.
 .SH AUTHOR
-This manual page was written by Guido Trentalancia <guido at trentalancia.com>.
-
-The SELinux management library was written by Tresys Technology LLC and Red Hat Inc.
+This manual page was written by Guido Trentalancia
+<guido at trentalancia.com>.
+.sp 1
+The SELinux management library was written by Tresys Technology LLC
+and Red Hat Inc.



-- System Information:
Debian Release: bullseye/sid
  APT prefers testing
  APT policy: (500, 'testing'), (500, 'stable')
Architecture: amd64 (x86_64)

Kernel: Linux 5.4.13-1 (SMP w/2 CPU cores)
Locale: LANG=is_IS.iso88591, LC_CTYPE=is_IS.iso88591 (charmap=ISO-8859-1), LANGUAGE=is_IS.iso88591 (charmap=ISO-8859-1)
Shell: /bin/sh linked to /bin/dash
Init: sysvinit (via /sbin/init)

-- no debconf information

-- 
Bjarni I. Gislason

More information about the SELinux-devel mailing list